

Elastic Observability and Falcon LogScale are tools for monitoring and analyzing system performance. Falcon LogScale appears to have an advantage due to its superior analytical capabilities.
Features: Elastic Observability offers search flexibility, intuitive visualization options, and a scalable data model. Falcon LogScale provides comprehensive monitoring features, real-time processing, and detailed analytics.
Room for Improvement: Elastic Observability could improve its learning curve, onboarding experience, and better integration options. Falcon LogScale has room for improvement in integration options, setup complexity, and expanding its customer service resources.
Ease of Deployment and Customer Service: Elastic Observability benefits from straightforward deployment and strong customer support. Falcon LogScale has a more intricate setup but provides a comprehensive customer support network.
Pricing and ROI: Elastic Observability's competitive cost structure and open-source nature yield a strong return on investment. Falcon LogScale's higher price point is justified by its features and resulting high ROI.
Elastic Observability has saved us time as it's much easier to find relevant pieces across the system in one screen compared to our own software, and it has saved resources too since the same resources can use less time.
You save man hours, and man hours convert to business time and money time as well.
Falcon LogScale helps ease this process and sends logs to XDR for further verification.
I have definitely seen ROI with Falcon LogScale so far.
Elastic support really struggles in complex situations to resolve issues.
Their excellent documentation typically helps me solve any issues I encounter.
I would rate the customer support a 10 on a scale of one to 10.
I raised a customer support request, and in response, they released a new version with a fix for that problem.
The information contained in Falcon LogScale's documentation is very clear.
I rate the scalability of Elastic Observability as a ten, as we have never seen issues even with a lot of data coming in from more customers, provided we have the appropriate configuration.
Elastic Observability seems to have a good scale-out capability.
Elastic Observability is easy in deployment in general for small scale, but when you deploy it at a really large scale, the complexity comes with the customizations.
If there is a critical incident with an associated IP, associated user, endpoints, or whatever factor it is supposed to associate, it associates it by default and makes our life easier, making the SOC life easier.
You could integrate as many endpoints as you want within a fraction of seconds, and it accommodates the number of resources that you integrate with it while maintaining the same response time.
When we add new log sources or suddenly increase our ingestion volume, the performance does not dip.
There are some bugs that come with each release, but they are keen always to build major versions and minor versions on time, including the CVE vulnerabilities to fix it.
It is very stable, and I would rate it ten out of ten based on my interaction with it.
I would rate the stability of Elastic Observability as a ten, as we don't experience any issues.
It uses an index-free architecture, it does not suffer from index corruption or the complications that other legacy tools face.
Falcon LogScale is very strong in real-time log search.
We did not have any problems with Falcon LogScale in terms of stability and reliability.
For instance, if you have many error logs and want to create a rule with a custom query, such as triggering an alert for five errors in the last hour, all you need to do is open the AI bot, type this question, and it generates an Elastic query for you to use in your alert rules.
It lacked some capabilities when handling on-prem devices, like network observability, package flow analysis, and device performance data on the infrastructure side.
Some areas such as AI Ops still require data scientists to understand machine learning and AI, and it doesn't have a quick win with no-brainer use cases.
For the ease of use for Falcon administrators, the same documentation on the Falcon LogScale portal should be on the CrowdStrike dashboard.
KQL is simpler when compared to SQL. However, SQL is faster and quite efficient, but the language is a bit tough.
What they have done now is added what is called Charlotte AI, which is their new AI capabilities that can help with this.
The license is reasonably priced, however, the VMs where we host the solution are extremely expensive, making the overall cost in the public cloud high.
Elastic Observability is cost-efficient and provides all features in the enterprise license without asset-based licensing.
Observability is actually cheaper compared to logs because you're not indexing huge blobs of text and trying to parse those.
I believe when it comes to log ingestion, it is comparatively low compared to any other services like Microsoft, Trend Micro, or Splunk.
For us, it is a very cost-effective solution.
My experience with pricing, setup cost, and licensing is that it is straightforward, and the cost is quite low.
The most valuable feature is the integrated platform that allows customers to start from observability and expand into other areas like security, EDR solutions, etc.
the most valued feature of Elastic is its log analytics capabilities.
All the features that we use, such as monitoring, dashboarding, reporting, the possibility of alerting, and the way we index the data, are important.
You can describe what you want to do in English, and it converts it to a query language for you to use.
Traditional SIEM tools index logs, which is slow and expensive. Falcon LogScale stores logs without heavy indexing and searches directly, making it very fast.
Falcon LogScale has positively impacted my organization by providing visibility of the logs, making it easier for us to troubleshoot any issues.
| Product | Mindshare (%) |
|---|---|
| Falcon LogScale | 0.9% |
| Elastic Observability | 1.2% |
| Other | 97.9% |


| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 4 |
| Large Enterprise | 16 |
| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 9 |
| Large Enterprise | 3 |
Elastic Observability offers a comprehensive suite for log analytics, application performance monitoring, and machine learning. It integrates seamlessly with platforms like Teams and Slack, enhancing data visualization and scalability for real-time insights.
Elastic Observability is designed to support production environments with features like logging, data collection, and infrastructure tracking. Centralized logging and powerful search functionalities make incident response and performance tracking efficient. Elastic APM and Kibana facilitate detailed data visualization, promoting rapid troubleshooting and effective system performance analysis. Integrated services and extensive connectivity options enhance its role in business and technical decision-making by providing actionable data insights.
What are the most important features of Elastic Observability?Elastic Observability is employed across industries for critical operations, such as in finance for transaction monitoring, in healthcare for secure data management, and in technology for optimizing application performance. Its data-driven approach aids efficient event tracing, supporting diverse industry requirements.
Falcon LogScale is a modern log management tool that offers robust features for organizations seeking efficient log analysis. It provides high-speed log ingestion and query capabilities, enabling detailed insights into system performance and security events.
Falcon LogScale provides an efficient way for IT teams to handle massive volumes of log data. Its architecture supports rapid ingestion and real-time querying, making it ideal for security and operational analytics. With customizable search capabilities, it allows deep analysis to detect anomalies and troubleshoot issues effectively. Users appreciate its scalability and performance-driven approach, making it suitable for large infrastructures.
What are the most important features of Falcon LogScale?
What benefits or ROI should be anticipated?
Falcon LogScale is particularly beneficial in industries requiring detailed compliance reporting and real-time threat detection, such as finance and healthcare. It's implemented to support security operations and incident response teams by providing timely insights and operational efficiencies.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.